REMARKS 

This is responsive to the Office Action dated December 22, 2003 in which the Examiner 
rejects all the pending claims 1-44 as being obvious over combinations of Geiger et al (US Patent No. 
6,073,142), Scannel et al (US Patent No. 5,377,354) and Sandhu ("Transaction Control Expressions 
for Separation of Duties" or "Lattice-Based Access Control Models") under 35USC § 103(a). The 
Specification and the claims are also objected/rejected for some language deficiencies. Applicant has 
amended the Specification and the claims to overcome language deficiencies as pointed out by the 
Examiner, as shown in the above amendments to the Specification and claims. As to the merits, 
Applicant has amended independent claims 1, 8 and 10, and added dependent claims 45-47 to better 
define the present invention. Claim 21 is cancelled without prejudice. No new matter is believed to 
have been introduced in the amendments. 

Applicant respectfully traverses the rejections of the Examiner based on the amended claims 
and the following detailed explanations. 

First of all, Applicant believes that a brief explanation of the present invention is helpful in 
understanding the patentably distinguishing features of the present invention as claimed over the cited 
prior art. The present invention discloses a novel technique of enforcement of security policies in a 
data access system, where a rule is applied to preclude an action if a condition exists. In particular, as 
taught by the present invention, the rule is loaded to data access management software upon 
occurrence of the condition , as now clearly defined in similar language in amended independent 
claims 1, 8 and 10. More specifically, claim 1 recites a step of placing the rule into the software upon 
occurrence of the condition, claim 8 recites means for integrating the rule into the software upon the 
occurrence of the condition, and claim 10 recites a step of modifying the software to include the rule 
upon occurrence of the condition. Thus, with the teaching of the present invention, when said action is 
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attempted, the rule simply precludes the action without a need to test whether the condition exists, 
since the loading of the rule into the software is triggered by the occurrence of the condition. As 
explained in the Specification, this brings significant efficiencies as compared to the prior art where 
the software always need to test whether the condition exists each time the action is attempted (see e.g., 
page 2, lines 5-7). 

Applicant respectfully believes that the present invention as defined in independent claims 1, 
8 and 10 is non-obvious over the combinations of the cited references. In particularly, none of the 
cited references or their combinations has disclosed, implied or taught to load a rule , which precludes 
an action if a condition occurs, into data access management software upon occurrence of the 
condition , as defined in claims 1, 8 and 10. More detailed explanation follows below. 

Geiger et al (US Patent No. 6,073,142) discloses an email processing system in which the 
business communication policies can be automatically applied to control the distribution of the email 
messages. As illustrated in Figures 2 and 3 in Geiger, the rules (policies) are stored in a rule base 270, 
289 and are applied to the email messages by rule engine 210, 283 (see, e.g., col. 10, lines 43-46). 
Geiger, however, does not disclose to upload the rule into the data access management software (read 
as "rule engine 270, 289") upon occurrence of a condition for precluding an action. In fact, Geiger 
only discloses the rules are applied for processing email messages, but does not teach or imply that the 
rules preclude an action upon a condition. Therefore Geiger is believed remote to the present 
invention. By the way, Applicants respectfully disagrees with the assertion of the Examiner in his 
rejection to claim 10 that Geiger has disclosed the feature that the rule is modified into the data access 
management software (read as "rule engine 210, 283") upon occurrence of the first specified 
condition , as no support is found in Geiger for such assertion. 

Sandhu ("Transaction control expressions for separation of duties") discloses a notation and 
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model based on transaction control expressions for specifying and enforcing separation of cuties. 
Sandhu, however, does not disclose that the rule for precluding a second action (e.g., issuing a check) 
by a user is loaded to data access management software upon occurrence of a first action (e.g., 
preparing the check) of the same user. In fact, Sandhu apparently is directed to improvement of the 
rule itself only but does not discuss when the rule is uploaded to software so as to be applied to an 
action attempt. 

Moreover, Applicant respectfully submits that there is no motivation or suggestion for a 
combination of the above two cited references in either of them. Even if the two references are 
combined, the present invention cannot be concluded from the combination since neither of them 
teaches that the rule for precluding an action if a condition exists is uploaded to the data access 
management software upon occurrence of the condition . The uploading need not however be from a 
separate computer. 

Similarly, Applicant also cannot find, in either Scannell et al (US Patent No. 5,377,354) or 
Sandhu ("Lattice-Based Access Control Model"), a teaching to load a rule, which precludes an action 
if a condition occurs, into data access management software upon occurrence of the condition . 
Therefore, independent claims 1, 8 and 10, as now amended with better claim language, are believed 
patentable over the cited prior art. 

At least for the same reasons, dependent claims 2-7, 9, 1 1-20 and 22 - 47 are also patentable 
as each of them includes all the limitations of independent claims 1, 8 or 10. In particularly, newly 
added dependent claims 45-47 further define a distinguishing feature that the rule is generated upon 
occurrence of the condition, which cannot be found in any of the cited references. Therefore, the 
patentability of claims 45-47 is further strengthened. 

Other claims recite that the rule ceases upon a condition ceasing (e.g., claim 9). Applicant 
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therefore respectfully requests reconsideration and allowance in view of the above remarks and 
amendments. A request for a 3-month extension for submitting this response is also enclosed together 
with required extension fee . The Examiner is authorized to deduct additional fees believed due 
from our Deposit Account No. 11-0223. 

Respectfully submitted, 

KAPLAN & GILMAN, L.L.P. 
900 Route 9 North, Suite 104 
Woodbridge, New Jersey 07095 
Telephone (732) 684-^634 



Dated: June 22, 2004 
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